Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.3.1 Ensure all information at rest is encryptedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

SYSTEM AND COMMUNICATIONS PROTECTION

1.2 Do Not Install a Multi-Use System - chkconfigCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

CONFIGURATION MANAGEMENT

1.2 Do Not Install a Multi-Use System - chkconfigCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

1.2 Do Not Install a Multi-Use System - systemctlCIS BIND DNS v3.0.1 Caching Only Name ServerUnix

CONFIGURATION MANAGEMENT

1.2 Do Not Install a Multi-Use System - systemctlCIS BIND DNS v3.0.1 Authoritative Name ServerUnix

CONFIGURATION MANAGEMENT

1.2.4 Disable the rhnsd DaemonCIS Red Hat Enterprise Linux 5 L2 v2.2.1Unix

SYSTEM AND INFORMATION INTEGRITY

4.2.1 Ensure firewalld is installedCIS SUSE Linux Enterprise 15 v2.0.1 L1 ServerUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

4.2.1 Ensure firewalld is installedCIS SUSE Linux Enterprise 15 v2.0.1 L1 WorkstationUnix

SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

5.3.3.6.1 Ensure the operating system uses multifactor authentication for local access to accountsCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

IDENTIFICATION AND AUTHENTICATION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is UsedCIS PostgreSQL 13 v1.3.0 L1 OS Linux UnixUnix

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabledCIS PostgreSQL 11 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 11 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 10 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl versionCIS PostgreSQL 9.6 OS v1.0.0Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AZLX-23-002610 - Amazon Linux 2023 must implement nonexecutable data to protect its memory from unauthorized code execution.DISA Amazon Linux 2023 STIG v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIGDISA STIG Splunk Enterprise 7.x for Windows v3r2 OSWindows
DISA_STIG_Splunk_Enterprise_7.x_for_Windows_REST_API_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIGDISA STIG Splunk Enterprise 7.x for Windows v3r2 REST APISplunk
JBOS-AS-000225 - Google Analytics must be disabled in EAP Console.DISA JBoss Enterprise Application Platform 6.3 STIG v2r6Unix

CONFIGURATION MANAGEMENT

JBOS-AS-000655 - JBoss must be configured to use an approved cryptographic algorithm in conjunction with TLS.DISA JBoss Enterprise Application Platform 6.3 STIG v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-06-000505 - The operating system must conduct backups of system-level information contained in the information system per organization defined frequency to conduct backups that are consistent with recovery time and recovery point objectives.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-07-010110 - The Red Hat Enterprise Linux operating system must initiate a session lock for graphical user interfaces when the screensaver is activated.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-010280 - The Red Hat Enterprise Linux operating system must be configured so that passwords are a minimum of 15 characters in length.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010310 - The Red Hat Enterprise Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010340 - The Red Hat Enterprise Linux operating system must be configured so that users must provide a password for privilege escalation.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-010342 - The Red Hat Enterprise Linux operating system must use the invoking user's password for privilege escalation when using 'sudo' - sudo.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-010470 - The Red Hat Enterprise Linux operating system must not allow a non-certificate trusted host SSH logon to the system.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-020320 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid owner.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-020330 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid group owner.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-020730 - The Red Hat Enterprise Linux operating system must be configured so that local initialization files do not execute world-writable programs.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021040 - The Red Hat Enterprise Linux operating system must set the umask value to 077 for all local interactive user accounts.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021700 - The Red Hat Enterprise Linux operating system must not allow removable media to be used as the boot loader unless approved.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-030440 - The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY

RHEL-07-030510 - The Red Hat Enterprise Linux operating system must audit all uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-030910 - The Red Hat Enterprise Linux operating system must audit all uses of the unlink, unlinkat, rename, renameat, and rmdir syscalls.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

RHEL-07-040110 - The Red Hat Enterprise Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

RHEL-07-040190 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040200 - The Red Hat Enterprise Linux operating system must implement cryptography to protect the integrity of Lightweight Directory Access Protocol (LDAP) communications.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040370 - The Red Hat Enterprise Linux operating system must not permit direct logons to the root account using remote access via SSH.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040530 - The Red Hat Enterprise Linux operating system must display the date and time of the last successful account logon upon logon.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-040612 - The Red Hat Enterprise Linux operating system must use a reverse-path filter for IPv4 network traffic when possible by default.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040620 - The Red Hat Enterprise Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets by default.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040641 - The Red Hat Enterprise Linux operating system must ignore Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040660 - The Red Hat Enterprise Linux operating system must not send Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040690 - The Red Hat Enterprise Linux operating system must not have a File Transfer Protocol (FTP) server package installed unless needed.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-040712 - The Red Hat Enterprise Linux operating system SSH server must be configured to use only FIPS-validated key exchange algorithms.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

ACCESS CONTROL

RHEL-07-041002 - The Red Hat Enterprise Linux operating system must implement multifactor authentication for access to privileged accounts via pluggable authentication modules (PAM).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-10-700520 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon does not allow Kerberos authentication.DISA Red Hat Enterprise Linux 10 STIG v1r1Unix

CONFIGURATION MANAGEMENT

RHEL-10-700550 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon disables remote X connections for interactive users.DISA Red Hat Enterprise Linux 10 STIG v1r1Unix

SYSTEM AND INFORMATION INTEGRITY

RHEL-10-700610 - RHEL 10 must be configured so that SSHD does not allow blank passwords.DISA Red Hat Enterprise Linux 10 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-10-700900 - RHEL 10 must implement nonexecutable data to protect its memory from unauthorized code execution.DISA Red Hat Enterprise Linux 10 STIG v1r1Unix

SYSTEM AND INFORMATION INTEGRITY